Skip to content

SecurityManager

Defined in: packages/webhook/src/security/security.manager.ts:18

Webhook 보안 관리자 서명 생성 및 검증을 담당

new SecurityManager(webhookConfig): SecurityManager

Defined in: packages/webhook/src/security/security.manager.ts:22

Pick<WebhookConfig, "algorithm" | "signatureHeader" | "signaturePrefix">

SecurityManager

createSecurityHeaders(payload, secret): Record<string, string>

Defined in: packages/webhook/src/security/security.manager.ts:120

Webhook 전송을 위한 보안 헤더 생성

string

string

Record<string, string>


createSignedPayload(payload, timestamp): string

Defined in: packages/webhook/src/security/security.manager.ts:39

Canonical string to sign when a timestamp header is present. Format: ${timestamp}.${payload}

string

string

string


extractSignature(headers): string | null

Defined in: packages/webhook/src/security/security.manager.ts:105

HTTP 헤더에서 서명 추출

Record<string, string>

string | null


generateSignature(payload, secret): string

Defined in: packages/webhook/src/security/security.manager.ts:46

Webhook 페이로드에 대한 서명 생성

string

string

string


generateSignatureWithTimestamp(payload, timestamp, secret): string

Defined in: packages/webhook/src/security/security.manager.ts:56

Generate signature for a timestamped webhook. (Recommended when also validating X-Webhook-Timestamp to prevent replay.)

string

string

string

string


getConfig(): SecurityConfig

Defined in: packages/webhook/src/security/security.manager.ts:218

현재 보안 설정 반환

SecurityConfig


updateConfig(config): void

Defined in: packages/webhook/src/security/security.manager.ts:211

보안 설정 업데이트

Partial<SecurityConfig>

void


verifySignature(payload, signature, secret): boolean

Defined in: packages/webhook/src/security/security.manager.ts:70

Webhook 서명 검증

string

string

string

boolean


verifySignatureWithTimestamp(payload, timestamp, signature, secret): boolean

Defined in: packages/webhook/src/security/security.manager.ts:89

Verify signature for a timestamped webhook.

string

string

string

string

boolean


verifyTimestamp(timestamp, toleranceSeconds?): boolean

Defined in: packages/webhook/src/security/security.manager.ts:142

타임스탬프 기반 재생 공격 방지 검증

string

number = 300

boolean